> Apart from the Darpa datasets and KDD datasets, are there other > publicly available > datasets? > Are these datasets useful for evaluating a new IDS system or even a > new detection > technique?
Short answer: no. > For evaluating a new technique or methodology using a dataset, especially when > presenting the results to a conference, the validity of the dataset is > critical. > How does one solve this problem, if not for the limited number of > standard datasets available? No one has any good answers for this. I find it rather disconcerting that people are still even working on advanced (non-signature based) IDS, yet no one seems to be willing to put in the effort to address the data problem. I have some further discussion about the problem and what researchers could possibly do about it on my research page: http://www.bruggerink.com/~zow/GradSchool/ . There's a fair amount of personal narrative there -- you might want to scroll down the page to the link to the technical report I put out on running Snort on the DARPA data and start reading from there. As anyone who reads that page might gather, this is an area I'm quite interested in, and I'd be happy to discuss any ideas anyone might have on how to address this problem. Cheers, Terry
